Print
E-MailThe following post comes to us from Edmond T. FitzGerald, partner and head of the Executive Compensation Group at Davis Polk & Wardwell LLP, and is based on a Davis Polk client memorandum by Linda C. Thomsen, Antonio Perez-Marques, and Kyoko T. Lin. The complete publication, including footnotes, is available here.
The Sarbanes-Oxley Act of 2002 (“SOX”), the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (“Dodd-Frank”) and the Consumer Financial Protection Act (“CFPA”) impose overlapping anti-retaliation provisions that generally prohibit retaliation against corporate “whistleblowers.” Recent headlines of whistleblower awards granted to individuals, especially under Dodd-Frank, underscore the fact that, even if a company’s economic exposure arising from the alleged violation of these provisions may be relatively circumscribed—generally limited to amounts based on the compensation of the employee who is allegedly retaliated against—the “real world” exposure, in the form of reputational and regulatory risk, can be significantly greater.
The Securities and Exchange Commission (“SEC”) and the Consumer Financial Protection Bureau (“CFPB”) have made it clear that they are focused on retaliation claims. The consequences of perceived retaliatory conduct in the context of ongoing investigations may thus far exceed the statutory economic exposure in a civil claim by an individual whistleblower. This is particularly so after the Supreme Court’s recent confirmation of the broad scope of SOX’s anti-retaliation provision in Lawson v. FMR LLC, ruling that the anti-retaliation provision extends not only to publicly listed companies but also to the private contractors and subcontractors of public companies.
Although a law prohibiting retaliation on the basis of whistleblowing could appear in principle uncontroversial, in practice, challenging questions and situations arise, including:
- Avoiding retaliation claims when terminating employees;
- Determining what actions, if any, can permissibly be taken against an employee:
- Where the employee is determined to be the basis of allegations in the context of a government investigation or a civil lawsuit, possibly in violation of his or her obligations to the company;
- Where the employee’s ordinary course job responsibilities include investigating or reporting on inaccuracies in company financial reporting or accounting (e.g., internal audit or compliance function); or
- Where an employee who has not yet “blown the whistle” threatens to do so unless he is given a personal benefit, such as a raise or promotion.
- If termination is not an option, how can the company protect itself from potential breaches of its employment policies, such as the disclosure of confidential information, or other misconduct?
In this post, we examine these overlapping laws that are intended to protect whistleblowers, focusing on the scope of protected whistleblowing activity, the scope of covered entities and the procedure and practice of enforcement action. We then discuss practical considerations for organizations subject to these anti-retaliation provisions.
The Statutes
Starting with SOX
SOX was enacted largely in response to the Enron and WorldCom scandals, to protect shareholders against fraudulent financial reporting and accounting practices. The anti-retaliation provision at Section 806 of SOX, which prevents an employer from discharging or retaliating against an employee for engaging in a protected activity, was included in an effort to avoid repeating the circumstances of Enron, where Congress perceived that employees with knowledge of improper financial reporting and accounting practices were discouraged from reporting. In particular, the Senate report on SOX found that “In a variety of instances when corporate employees at both Enron and Andersen attempted to report or ‘blow the whistle’ on fraud … they were discouraged at nearly every turn.” The Senate report notes that, when a senior Enron employee attempted to report accounting irregularities, Enron sought legal advice regarding her potential termination, and outside counsel opined that “Texas law does not currently protect corporate whistleblowers. The Supreme Court has twice declined to create a cause of action for whistleblowers who are discharged …”
SOX’s anti-retaliation protection extends to employees providing information or assisting in a federal, Congressional or internal company investigation, or filing or assisting in a proceeding related to alleged mail, wire or securities fraud, violations of SEC rules and regulations, or Federal law related to fraud against shareholders.
The legislative history of SOX thus reflects an explicit attempt to prevent a recurrence of the “corporate code of silence” that the Senate investigation found had existed at Enron and which the Senate investigation found had discouraged employee reporting both to authorities and internally, with “serious and adverse” consequences for “investors in publicly traded companies, in particular, and for the stock market, in general …”
Other Regimes: Dodd-Frank and the Consumer Financial Protection Act
In 2010, Section 922 of Dodd-Frank significantly amended SOX’s anti-retaliation provision, by (i) expanding the time to report violations (i.e., allegedly retaliatory conduct) from 90 to 180 days after occurrence, (ii) clarifying that the provision applied to public companies’ private subsidiaries, and (iii) prohibiting employee waivers of anti-retaliation protection or pre-dispute arbitration agreements regarding anti-retaliation.
Dodd-Frank also enacted a separate whistleblower reward program with its own accompanying anti-retaliation provision. The Dodd-Frank whistleblower reward program provides for the payment of financial awards to “any individual who provides, or 2 or more individuals acting jointly who provide, information relating to a violation of the securities laws to the Commission, in a manner established, by rule or regulation, by the Commission.” The information (i) must be “original,” derived from the independent knowledge or analysis of the reporting individual and not known to the SEC from another source, and (ii) must lead to the “successful enforcement” of a judicial or administrative action resulting in monetary sanctions exceeding $1 million. The “whistleblower” reward program includes an anti-retaliation provision protecting “whistleblowers” from employer retaliation, discussed in more detail below.
The CFPA, enacted in 2010 as Section 1057 of Dodd-Frank, also includes an anti-retaliation provision protecting employees performing tasks related to the offering or provision of consumer financial products or services from retaliatory conduct for reporting violations of consumer financial protection laws. On April 2, 2014, the Department of Labor (“DOL”) promulgated an interim final rule on enforcement of the CFPA anti-retaliation provision, closely mirroring the procedures and standards applied in the SOX anti-retaliation context.
Statutorily Protected Conduct
The SOX anti-retaliation provision extends broadly, prohibiting any company with a class of securities registered under Section 12 or subject to the reporting requirements under Section 15(d) of the Securities Exchange Act of 1934 from retaliating against an employee that has engaged in protected activity.
Protected activity generally includes two categories: providing information to an investigation into alleged fraud or violations of SEC rules and regulations, or providing assistance to a proceeding related to the same types of alleged conduct. Specifically, protected activity encompasses:
- Providing information, causing information to be provided, or assisting in an investigation by a federal regulatory or law enforcement agency, a Member or committee of Congress, or an internal company investigation relating to alleged mail fraud, wire fraud, bank fraud, securities fraud, violation of any SEC rule or regulation, or violation of any provision of Federal law relating to fraud against shareholders; or
- Filing, causing to be filed, participating in or assisting a proceeding related to alleged mail fraud, wire fraud, bank fraud, securities fraud, violation of any SEC rule or regulation, or violation of any provision of Federal law relating to fraud against shareholders.
The chart below sets forth the conceptual components of protected activity under the SOX anti-retaliation provision.
Protected Activity Under SOX
| Type of Conduct | Directed To | Relating To |
| “[T]o provide information, cause information to be provided, or otherwise assist in an investigation” | “(A) a Federal regulatory or law enforcement agency; (B) any Member of Congress or any committee of Congress; or(C) a person with supervisory authority over the employee (or such other person working for the employer who has the authority to investigate, discover, or terminate misconduct)” | “[A]ny conduct which the employee reasonably believes constitutes a violation of section 1341, 1343, 1344, or 1348, any rule or regulation of the Securities and Exchange Commission, or any provision of Federal law relating to fraud against shareholders.” |
| “[T]o file, cause to be filed, testify, participate in, or otherwise assist in” | “[A] proceeding filed or about to be filed” | “[A]n alleged violation of section 1341, 1343, 1344, or 1348, any rule or regulation of the Securities and Exchange Commission, or any provision of Federal law relating to fraud against shareholders.” |
The complete publication, including footnotes, is available here.
